<!--
Copyright 2023 Specter Ops, Inc.

Licensed under the Apache License, Version 2.0
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

SPDX-License-Identifier: Apache-2.0
-->
<svg xmlns="http://www.w3.org/2000/svg" width="1915" height="514" viewBox="0 0 1915 514"><defs><style type="text/css"/></defs><g transform="translate(-2010.2280990212867 314.2731698129063) scale(1)"><g class="relationship"><g transform="translate(3423.74162624102 85.21376424653403) rotate(-20.294793241263665)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 392.4197853732252 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(417.28193599097347 0) rotate(0)" stroke="none"/></g><g transform="translate(3635.439552287885 6.926193304152804) rotate(-20.294793241263665) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-45.00833511352539 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="90.01667022705078" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">RootCAFor</text></g></g></g></g><g class="relationship"><g transform="translate(3108.6913807381916 -79.98482500732365) rotate(27.670553987919654)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 271.8726257014322 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(296.73477631918047 0) rotate(0)" stroke="none"/></g><g transform="translate(3255.2071403667524 -3.158359579674169) rotate(27.670553987919654) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-64.76666641235352 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="129.53333282470703" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">IssuedSignedBy</text></g></g></g></g><g class="relationship"><g transform="translate(3423.74162624102 -200.67316981290634) rotate(15.118589716297125)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 378.8684245896354 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(403.7305752073837 0) rotate(0)" stroke="none"/></g><g transform="translate(3635.098100479097 -143.57124243036068) rotate(15.118589716297125) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-64.92499923706055 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="129.8499984741211" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">NTAuthStoreFor</text></g></g></g></g><g class="relationship"><g transform="translate(3108.6913807381916 -79.98482500732365) rotate(-20.96066208319659)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 253.51350612604196 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(278.3756567437903 0) rotate(0)" stroke="none"/></g><g transform="translate(3254.608039009019 -135.88206748736448) rotate(-20.96066208319659) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-73.59166717529297 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="147.18333435058594" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">TrustedForNTAuth</text></g></g></g></g><g class="relationship"><g transform="translate(2677.4496051964875 85.21376424653403) rotate(-20.96066208319656)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 377.93871865798866 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(402.80086927573694 0) rotate(0)" stroke="none"/></g><g transform="translate(2881.462028486753 7.061399542355687) rotate(-20.96066208319656) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-50.766666412353516 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="101.53333282470703" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">PublishedTo</text></g></g></g></g><g class="relationship"><g transform="translate(2677.4496051964875 -200.67316981290634) rotate(15.63493379797902)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 363.9493560949229 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(388.8115067126712 0) rotate(0)" stroke="none"/></g><g transform="translate(2881.099387027154 -143.6792594750516) rotate(15.63493379797902) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-50.766666412353516 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="101.53333282470703" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">PublishedTo</text></g></g></g></g><g class="relationship"><g transform="translate(2677.4496051964875 -200.67316981290634) rotate(90)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 202.02478344169205 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(226.88693405944036 0) rotate(0)" stroke="none"/></g><g transform="translate(2677.4496051964875 -70.1607780920603) rotate(270) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-70.65833282470703 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="141.31666564941406" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">EnrollOnBehalfOf</text></g></g></g></g><g class="relationship"><g transform="translate(2346.9265634338094 -79.98482500732365) rotate(0)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 677.9026666866339 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(702.7648173043822 0) rotate(0)" stroke="none"/></g><g transform="translate(2715.3778967771264 -79.98482500732365) rotate(0) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-26.508333206176758 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="53.016666412353516" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">Enroll</text></g></g></g></g><g class="relationship"><g transform="translate(2064.2280990212867 85.21376424653403) rotate(-30.300444892077618)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 243.56569742310356 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(268.42784804085187 0) rotate(0)" stroke="none"/></g><g transform="translate(2194.8444448165646 8.886373845901346) rotate(-30.300444892077618) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-45.974998474121094 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="91.94999694824219" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">MemberOf</text></g></g></g></g><g class="relationship"><g transform="translate(2064.2280990212867 -200.67316981290634) rotate(23.118385197772763)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 223.5205072423034 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(248.38265786005172 0) rotate(0)" stroke="none"/></g><g transform="translate(2194.1445265101943 -145.20983848822368) rotate(23.118385197772763) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-45.974998474121094 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="91.94999694824219" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">MemberOf</text></g></g></g></g><g class="relationship"><g transform="translate(2346.9265634338094 -79.98482500732365) rotate(26.556323213695052)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 285.64570454573504 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(310.5078551634834 0) rotate(0)" stroke="none"/></g><g transform="translate(2501.068545809933 -2.94318247151449) rotate(26.556323213695052) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-73.23332977294922 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="146.46665954589844" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">AllExtendedRights</text></g></g></g></g><g class="relationship"><g transform="translate(2346.9265634338094 -79.98482500732365) rotate(-20.059337850221137)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 268.0059464128922 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(292.8680970306405 0) rotate(0)" stroke="none"/></g><g transform="translate(2500.5111040542406 -136.0652238090348) rotate(-20.059337850221137) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-26.508333206176758 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="53.016666412353516" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">Enroll</text></g></g></g></g><g class="relationship"><g transform="translate(2064.2280990212867 85.21376424653403) rotate(0)" stroke-width="5" stroke="#000000"><path d="M 59 0 L 529.3593555574525 0"/><polygon points="-24.8621506177483,0 -27.62461179749811,9.20820393249937 0,0 -27.62461179749811,-9.20820393249937" fill="#000000" transform="translate(554.2215061752008 0) rotate(0)" stroke="none"/></g><g transform="translate(2358.407776800013 85.21376424653403) rotate(0) translate(0 -13)"><g transform="translate(0 0)"><g transform="translate(-107.3499984741211 0)" fill="#ffffff" stroke="#000000" stroke-width="0"><rect x="0" y="0" width="214.6999969482422" height="26" rx="5" ry="5" stroke="none"/><text xml:space="preserve" x="5" y="17.5" stroke="none" text-anchor="left" font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000">DelegatedEnrollmentAgent</text></g></g></g></g><g class="node"><g fill="#68ccca" stroke="#000000" stroke-width="4"><circle cx="3870.4561980425733" cy="-79.98482500732365" r="52"/></g><g transform="translate(3870.4561980425733 -79.98482500732365)"><g transform="scale(0.46093803906249997) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="14.5" stroke="none">Domain</text></g></g></g></g></g><g class="node"><g fill="#653294" stroke="#000000" stroke-width="4"><circle cx="3423.74162624102" cy="-200.67316981290634" r="52"/></g><g transform="translate(3423.74162624102 -200.67316981290634)"><g transform="scale(0.294922580078125) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#ffffff" text-anchor="middle"><text xml:space="preserve" x="0" y="14.5" stroke="none">NTAuthStore</text></g></g></g></g></g><g class="node"><g fill="#653294" stroke="#000000" stroke-width="4"><circle cx="3423.74162624102" cy="85.21376424653403" r="52"/></g><g transform="translate(3423.74162624102 85.21376424653403)"><g transform="scale(0.48828176171874993) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#ffffff" text-anchor="middle"><text xml:space="preserve" x="0" y="14.5" stroke="none">RootCA</text></g></g></g></g></g><g class="node"><g fill="#194d33" stroke="#000000" stroke-width="4"><circle cx="3108.6913807381916" cy="-79.98482500732365" r="52"/></g><g transform="translate(3108.6913807381916 -79.98482500732365)"><g transform="scale(0.26367261132812503) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#ffffff" text-anchor="middle"><text xml:space="preserve" x="0" y="14.5" stroke="none">EnterpriseCA1</text></g></g></g><g transform="translate(3.429011037612589e-15 -75.2)"><g transform="translate(0 0)"><g transform="translate(-147.13333129882812 0)" fill="white"><rect x="0" y="0" width="294.26666259765625" height="19.2" rx="0" ry="0" stroke="none"/><g font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000" text-anchor="end"><text xml:space="preserve" x="252.33333110809326" y="14.1" stroke="none">HasEnrollmentAgentRestrictions:</text><text xml:space="preserve" x="256.4999976158142" y="14.1" stroke="none" text-anchor="start">True</text></g></g></g></g></g></g><g class="node"><g fill="#ffffff" stroke="#d33115" stroke-width="4"><circle cx="2064.2280990212867" cy="85.21376424653403" r="52"/></g><g transform="translate(2064.2280990212867 85.21376424653403)"><g transform="scale(0.5976566523437499) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="14.5" stroke="none">User1</text></g></g></g></g></g><g class="node"><g fill="#fda1ff" stroke="#000000" stroke-width="4"><circle cx="2677.4496051964875" cy="85.21376424653403" r="52"/></g><g transform="translate(2677.4496051964875 85.21376424653403)"><g transform="scale(0.255860119140625) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="14.5" stroke="none">CertTemplate2</text></g></g></g><g transform="translate(3.429011037612589e-15 56)"><g transform="translate(0 0)"><g transform="translate(-127.63333129882812 0)" fill="white"><rect x="0" y="0" width="255.26666259765625" height="57.599999999999994" rx="0" ry="0" stroke="none"/><g font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000" text-anchor="end"><text xml:space="preserve" x="208.83333110809326" y="14.1" stroke="none">AuthenticationEnabled:</text><text xml:space="preserve" x="212.9999976158142" y="14.1" stroke="none" text-anchor="start">True</text><text xml:space="preserve" x="208.83333110809326" y="33.3" stroke="none" text-anchor="end">RequiresManagerApproval:</text><text xml:space="preserve" x="212.9999976158142" y="33.3" stroke="none" text-anchor="start">False</text><text xml:space="preserve" x="208.83333110809326" y="52.5" stroke="none" text-anchor="end">SubjectAltRequireUPN:</text><text xml:space="preserve" x="212.9999976158142" y="52.5" stroke="none" text-anchor="start">True</text></g></g></g></g></g></g><g class="node"><g fill="#fda1ff" stroke="#000000" stroke-width="4"><circle cx="2677.4496051964875" cy="-200.67316981290634" r="52"/></g><g transform="translate(2677.4496051964875 -200.67316981290634)"><g transform="scale(0.255860119140625) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="14.5" stroke="none">CertTemplate1</text></g></g></g><g transform="translate(3.429011037612589e-15 -113.6)"><g transform="translate(0 0)"><g transform="translate(-127.63333129882812 0)" fill="white"><rect x="0" y="0" width="255.26666259765625" height="57.599999999999994" rx="0" ry="0" stroke="none"/><g font-family="sans-serif" font-size="16" font-weight="normal" fill="#000000" text-anchor="end"><text xml:space="preserve" x="208.83333110809326" y="14.1" stroke="none">RequiresManagerApproval:</text><text xml:space="preserve" x="212.9999976158142" y="14.1" stroke="none" text-anchor="start">False</text><text xml:space="preserve" x="208.83333110809326" y="33.3" stroke="none" text-anchor="end">AuthorizedSignatures:</text><text xml:space="preserve" x="212.9999976158142" y="33.3" stroke="none" text-anchor="start">0</text><text xml:space="preserve" x="208.83333110809326" y="52.5" stroke="none" text-anchor="end">SchemaVersion:</text><text xml:space="preserve" x="212.9999976158142" y="52.5" stroke="none" text-anchor="start">2</text></g></g></g></g></g></g><g class="node"><g fill="#ffffff" stroke="#009ce0" stroke-width="4"><circle cx="2346.9265634338094" cy="-79.98482500732365" r="52"/></g><g transform="translate(2346.9265634338094 -79.98482500732365)"><g transform="scale(0.48046926953125) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="14.5" stroke="none">Group1</text></g></g></g></g></g><g class="node"><g fill="#ffffff" stroke="#009ce0" stroke-width="4"><circle cx="2064.2280990212867" cy="-200.67316981290634" r="52"/></g><g transform="translate(2064.2280990212867 -200.67316981290634)"><g transform="scale(0.5976566523437499) translate(0 0)"><g transform="translate(0 0)"><g font-family="sans-serif" font-size="50" font-weight="normal" fill="#000000" text-anchor="middle"><text xml:space="preserve" x="0" y="14.5" stroke="none">User2</text></g></g></g></g></g></g></svg>
